Windows 10 Fall Creators Update broken your Start menu? Microsoft's just fixed it - TechRepublic

Windows 10 Fall Creators Update broken your Start menu? Microsoft's just fixed it

Microsoft has resolved the issue of disappearing apps in the Start menu, alongside a host of other issues in its Patch Tuesday update.

By Nick Heath | November 15, 2017, 3:49 AM PST


Windows 10's recent Fall Creators Update added a variety of new features to Microsoft's OS but also broke the Start menu for some users.

Following the update, there were numerous complaints about tiles for installed apps disappearingfrom the Start menu.

Now Microsoft has resolved the issue in its latest Patch Tuesday update. The fix should be automatically applied for internet-connected Windows 10 Home users but Microsoft recommends those who can't install the patch follow the steps outlined here.

The free Fall Creators Update is currently being rolled out to Windows 10 machines and offers a variety of improvements, with standout features including streamlined cloud storage, better protection against ransomware, a new social hub and a host of security additions for enterprise. Tuesday's update also resolves crashes in Windows 10's newly added Mixed Reality Portal.

Microsoft's wider Patch Tuesday update resolved more than 50 security vulnerabilities, 20 of which are critical. These flaws included one that allowed software to bypass Windows 10 Device Guard protections and designate an exploit as a trusted file, which could then be executed. Another allowed malware to bypass settings stopping macros from being run inside Excel, a problem given that macros are commonly used by malware to infect computers.

Researchers at Trend Micro's Zero Day Initiative also suspect one of the updates is aimed at mitigating a nearly undetectable Microsoft Office exploit that takes advantage of a 24-year-old Microsoft protocol called Dynamic Data Exchange (DDE). Microsoft is rather tight-lipped on what the update does, only saying it provides "enhanced security as a defense-in-depth measure" for Microsoft Office.

A series of remote-code execution vulnerabilities in Office have been patched (CVE-2017-11884, CVE-2017-11882, CVE-2017-11878, CVE-2017-11854), as have similar flaws in the Internet Explorer and Microsoft Edge web browsers (CVE-2017-11845, CVE-2017-11855, CVE-2017-11856).

Adobe also issued fixes for a total of 83 vulnerabilities spanning products such as Flash Player (APSB17-33), Photoshop (APSB17-34), Acrobat and Reader (APSB17-36).

Researchers at Trend Micro says the most pressing updates are for Flash Player and Acrobat, which correct various exploits allowing for remote-code execution.


View the original article here:
Windows 10 Fall Creators Update broken your Start menu? Microsoft's just fixed it - TechRepublic

The best smartphones and tablets to give as gifts

Let's be real: Smartphones are pricey and as far as gifts go, they're hard to keep a surprise. But there's also a good chance someone in your life is due for an upgrade, and as the holiday season approaches, you're likely to spot some good deals. 

For Engadget's 2017 holiday gift guide, we recommend four phones: the iPhone 8/8 Plus,
the Google Pixel 2 and 2XL, the older-but-still-good Galaxy S8 and S8 Plus, and the Moto G5 Plus, for the budget conscious. We also threw in some tablets for good measure: the basic iPad for Apple fans and the Galaxy Tab S3 for Android users. Certain folks requiring more power might be better served by the 10.5-inch iPad Pro or Microsoft's Surface Pro, but unless your giftee also needs a laptop replacement, you can easily get by with something less expensive. Let's be real: Smartphones are pricey and as far as gifts go, they're hard to keep a surprise. But there's also a good chance someone in your life is due for an upgrade, and as the holiday season approaches, you're likely to spot some good deals. For Engadget's 2017 holiday gift guide, we recommend four phones: the iPhone 8/8 Plus, the Google Pixel 2 and 2XL, the older-but-still-good Galaxy S8 and S8 Plus, and the Moto G5 Plus, for the budget conscious. We also threw in some tablets for good measure: the basic iPad for Apple fans and the Galaxy Tab S3 for Android users. Certain folks requiring more power might be better served by the 10.5-inch iPad Pro or Microsoft's Surface Pro, but unless your giftee also needs a laptop replacement, you can easily get by with something less expensive.



The best smartphones and tablets to give as gifts

This Chatbot Wastes Scammers' Time, And It's Glorious

I've gotten quite adept at hitting the delete button whenever I see a scammer email staring at me from my inbox.  Phone calls, unless the number is recognized, automatically go to voicemail.  Often entertaining the thought of messing with scammers, and once doing it, I find little time to actually perform this task.  I will vicariously live through and find endless delightment in following those that do have the time to spit back what scammers deserve.  You guys go!

This article was originally located at: This Chatbot Wastes Scammers' Time, And It's Glorious

This Chatbot Wastes Scammers' Time, And It's Glorious 

by Emily Price

At some point, we’ve all been contacted by a Nigerian prince, long-lost uncle, or some guy that just can’t manage to get a bank account with the promise that if we just make one small wire transfer we’ll have millions in our account by morning.

Admittedly, I’ve responded to a few for fun just to see where the conversation can go. As The Verge reports, now one security firm has created a chatbot that allows you to respond to all those annoying scam messages and waste their time like they did yours by sending the email in the first place.

To use it, you just have to forward the first offending message to me@rescam.org. When you do, a proxy email address will start replying to the scammer’s emails for you. And the responses look pretty real.

Rescam has a few listed on their site. For instance, this was the chatbot’s first response to a request for a wire transfer.

It’s easy to use, and says just enough to keep the conversation going without letting on that you’re actually using a bot to do the talking.

Ex-Facebook president Sean Parker: site made to exploit human 'vulnerability' | Technology | The Guardian

This is not new news, but just in case you need ONE more reminder about how the typical use of social networking is actually BAD FOR YOUR HEALTH, here's one, right from one of the horse's mouths. With the addition of having little computers in our pockets to walk around with, we can make widows and widowers of our spouses even while we are still technically breathing. There's nothing quite like abandoning a friend IRL while paying attention to dozens on our little lit box in a pocket.


This article was originally found at: Ex-Facebook president Sean Parker: site made to exploit human 'vulnerability' | Technology | The Guardian.

Ex-Facebook president Sean Parker: site
made to exploit human 'vulnerability'

Site’s founding president, who became a billionaire thanks to the company, says: ‘God only knows what it’s doing to our children’s brains’

Facebook’s founders knew they were creating something addictive that exploited “a vulnerability in human psychology”
from the outset, according to the company’s founding president Sean Parker.

Parker, whose stake in Facebook made him a billionaire, criticized the social networking giant at an Axios event in Philadelphia this week. Now the founder and chair of the Parker Institute for Cancer Immunotherapy, Parker was there to speak about advances in cancer therapies. However, he took the time to provide some insight into the early thinking at Facebook at a time when social media companies face intense scrutiny from lawmakers over their power and influence.

Parker described how in the early days of Facebook people would tell him they weren’t on social media because they valued their real-life interactions.

“And I would say, ‘OK. You know, you will be,’” he said.

“I don’t know if I really understood the consequences of what I was saying,” he added, pointing to “unintended consequences” that arise when a network grows to have more than 2 billion users.

“It literally changes your relationship with society, with each other. It probably interferes with productivity in weird ways. God only knows what it’s doing to our children’s brains,” he said.

He explained that when Facebook was being developed the objective was: “How do we consume as much of your time and conscious attention as possible?” It was this mindset that led to the creation of features such as the “like” button that would give users “a little dopamine hit” to encourage them to upload more content.

“It’s a social-validation feedback loop … exactly the kind of thing that a hacker like myself would come up with, because you’re exploiting a vulnerability in human psychology.”

Parker, who previously founded the file-sharing site Napster, joined the Facebook team in 2004 five months after the site had launched as a student directory at Harvard. Parker saw the site’s potential and was, according to Zuckerberg, “pivotal in helping Facebook transform from a college project into a real company”.

In 2005, police found cocaine in a vacation home Parker was renting and he was arrested on suspicion of possession of a schedule 1 substance. He wasn’t charged, but the arrest rattled investors and he resigned shortly after.

Thanks mostly to his brief stint at Facebook, Parker’s net worth is estimated to be more than $2.6bn. He set up the Parker Foundation in June 2015 to use some of his wealth to support “large-scale systemic change” in life sciences, global public health and civic engagement.

Parker is not the only Silicon Valley entrepreneur to express regret over the technologies he helped to develop. The former Googler Tristan Harris is one of several techies interviewed by the Guardian in October to criticize the industry.

“All of us are jacked into this system,” he said. “All of our minds can be hijacked. Our choices are not as free as we think they are.”

Cryptojacking craze that drains your CPU now done by 2,500 sites | Ars Technica

Just when you get settled on blaming Chrome, or Firefox, or Edge and the hundreds of tabs you may have open for slowing your computer down ... now you're validated!

While this is an insidious and violating happenstance, don't worry, once this fad is vanquished, there'll be others. 

This article was originally found at: ArsTechnica

Cryptojacking craze that drains your CPU now done by 2,500 sites

Android apps with millions of Google Play downloads also crash the party.

DAN GOODIN - 11/8/2017, 12:45 PM

A researcher has documented almost 2,500 sites that are actively running cryptocurrency mining code in the browsers of unsuspecting visitors, a finding that suggests the unethical and possibly illegal practice has only picked up steam since it came to light a few weeks ago.

Willem de Groot, an independent security researcher who reported the findings Tuesday, told Ars that he believes all of the 2,496 sites he tracked are running out-of-date software with known security vulnerabilities that have been exploited to give attackers control. Attackers, he said, then used their access to add code that surreptitiously harnesses the CPUs and electricity of visitors to generate the digital currency known as Monero. About 80 percent of those sites, he added, also contain other types of malware that can steal visitors' payment card details.

"Apparently, cyberthieves are squeezing every penny out of their confiscated assets," he said.

One of the affected sites is shop.subaru.com.au. When I visited the site on Tuesday, the fan on my MacBook Pro, which I hadn't heard in months, soon started whirring. The activity monitor showed that about 95 percent of the CPU load was being consumed. As soon as I closed the site, the load dropped to about 9 percent. Besides putting a noticeable strain on my computer, the site also draws additional electricity from my office. The arrangement allows the attackers to reap the benefit of my hardware and electricity without providing anything to me in return. A recent report from security firm Trustwave's SpiderLabs estimated that the electricity cost for a single computer could range from about $2.90 to $5 per month, presumably if the cryptomining page was left open and running continuously over that time. The figure doesn't include the wear and tear on hardware as it performs complex mathematical problems required to generate the digital coins.

Activity monitor showing CPU load when visiting http://shop.subaru.com.au.

Thanks, Coinhive

The site that makes all of this possible is Coinhive.com, which Ars covered last week. It offers an easy-to-use programming interface that any website can use to turn visitors' computers into vehicles for generating—or in the parlance of cryptocurrency people, mining—Monero. Coinhive gives participating sites a tiny cut of the proceeds and pockets the rest. Coinhive doesn't require that sites provide any notice to users.

de Groot said that about 85 percent of the 2,496 sites he tracked are generating currency on behalf of just two Coinhive accounts. Depending on the total number of visitors, the amount of time they stay on an affected site, and the power of their computers, the revenue collected by those accounts could be considerable, as would be the total amount of additional charges those accounts made to visitors' electric bills. The remaining 15 percent were spread over additional Coinhive accounts, but de Groot has evidence suggesting those accounts are controlled by a single individual or group. Most of the affected sites concealed the connection to Coinhive by adding a link to the domain siteverification.online or one masquerading as a Sucuri firewall. Those disguised sites, in turn, hosted the crypto-mining JavaScript that interacted with Coinhive.

de Groot's findings suggest that drive-by cryptomining has grown more widespread in the week since Ars first covered it or at least that the phenomenon shows no signs of abating. The earlier Ars article cited research from security firm Sucuri that found 500 sites running hacked versions of the WordPress content management system that were participating in the Coinhive mining. Ars also reported that two Android apps with as many as 50,000 downloads from Google Play had recently been caught putting cryptominers inside hidden browser windows. On Wednesday, researchers from Ixia reported finding two additional such apps with as many as 15 million downloads combined. (In fairness, one of the apps informed users it would use their phone's idle time to generate coins and provided a way for that default setting to be turned off. The apps have since been modified to curtail the practice.)

There are other indications that the in-browser cryptomining racket is getting worse. In a report published Tuesday, endpoint security provider Malwarebytes said that on average it performs about 8 million blocks per day to unauthorized mining pages.

People who want to avoid these cryptojacking scams can use Malwarebytes or another antivirus program that blocks abusive pages, install this Chrome extension, or update their computer host file to block coinhive.com and other sites known to facilitate unauthorized mining. As the phenomenon continues to grow and attract copycat services, blocklists will likely have to be updated, requiring regular updates to blocklists as well.

This tiny mint box is actually a gaming console packing a Raspberry Pi

The Altoids tin mint box clinched it.  While personally I haven't yet toyed with the Raspberry Pi concept I have been more and more intrigued lately.  The Altoids box threw me over the edge. NOW. I. HAVE. TO. TRY. THESE. Just for the fun, the learning experience and the doors it may open...


The following article was originally found at : This tiny mint box is actually a gaming console packing a Raspberry Pi

This tiny mint box is actually a gaming console packing a Raspberry Pi

by MIX — 17 days ago in SHAREABLES

Watch out, Nintendo: Raspberry Pi enthusiasts are building their own gaming consoles
and this latest one is actually pretty awesome.

Using a Raspberry Pi computer and an Altoids mint box, recreational inventor and
YouTuber Sudomod has designed a fully-functioning gaming device that
actually fits in your pocket.

As the creator explains in a new blog post, the DIY handheld console builds on his earlier
mintyPi project that aimed to cram a gaming console into a tiny tin box. Unlike
the first version, however, the new device uses 3D-printed parts to improve the
overall design.

You can watch the quirky gadget in action in the video below:

Much like a regular handheld gaming console, the mintyPi 2.0 comes with an integrated

display and a simple controller with a few buttons.

To give you some more context, the unusual device also features a 3D-printed hinge
to hold the screen open while playing as well as a USB sound card for sharper
sound.

What is particularly nifty is that the mintyPi also packs the recently introduced Pi Zero W that
brings wireless connectivity for effortless updates and custom
configurations.

Sudomod plans to release a detailed guide on how to build your own mint box handheld

console like the mintyPi. Follow his blog here for more Raspberry Pi-inspired tech
projects.

---

Disclaimer: We like some products. We don’t like others. Either way, if you buy something
through our affiliate links, we get a small cut of the revenue. This isn’t a
sponsored post, but for the sake of transparency, you deserve to know what’s
up.

This post was originally published in April 2017.

For those of us born in the 70's and earlier there is NO way we could ever envision carrying little computers around in our pockets. That was just the stuff of science fiction. Dreams. Fantasies. Yet, here were are ... George Jetson-style. With this awesome capability comes expense. People pay as much for their cellular devices, in a lot of cases, as they would had they bought a desktop computer or a laptop or tablet .... shrunk into ... a phone. A phone for which more time is spent surfing the web, using social media and taking pictures than actually using as a telephonic device. The phone part of it is just an excuse, an aside, an accessory. The latest and greatest bleeding edge iPhone is not only pricey to buy, but mighty pricey to fix.  Might want to stick these in bubble wrap on your way out the door....

iPhone X screen repair: $275

The following article was originally found at: iPhone X screen repair: $275

Hot tip for anyone running out to buy Apple's new $1,000 smartphone: Don't drop it.

The iPhone X, which hits store shelves November 3, is Apple's most expensive phone
yet. But the higher price tag isn't reserved just for the phone. Repairs are
more expensive, too.

A broken screen will set you back $275,
according to repair costs posted to the Apple web site. For comparison, a screen
repair for Apple's new $799 iPhone 8 Plus, costs $169. The figures were reported
earlier by MacRumors.

Those repair prices come down if you splurge for AppleCare+ -- an extended warranty
program that adds $199 onto the iPhone X's
sticker price.

In return, AppleCare+ covers all but $29 of screen repairs and all but $99 worth of
any other type of "accidental damage." There's a catch, however. AppleCare+ only
covers two instances of accidental damage. If you accidentally damage your phone
a third time, the cost of repairing hardware could run up to $549.

AppleCare+
extends the basic warranty that covers non-accidental iPhone mishaps -- such as
battery issues or a faulty headphone jack -- from one year to two.

The iPhone X was unveiled to much fanfare last month. It boasts a radical
update to the iPhone models of years past, with an all-glass display and an
option to unlock with facial recognition.

It  also has an all-glass back, so owners run the risk of cracking either side of
the phone.

However, Apple has claimed the glass on the iPhone 8 and iPhone X is much stronger than
earlier models, so it could be harder to break.

Pre-orders for the phone began online Friday, and units were selling out quickly. The U.S.
Apple Store site said it would take five to six weeks for new orders to ship.

--CNNMoney's Heather Kelly contributed to this report.